package cx.zan.web.filter;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebFilter("/*")
public class CORSFilter implements Filter {
    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        HttpServletResponse response= (HttpServletResponse) resp;
        HttpServletRequest request= (HttpServletRequest) req;
        String origin = request.getHeader("Origin");
        //跨域支持 允许你访问我
        //response.addHeader("Access-Control-Allow-Origin","http://www.shop.com:5500");
        response.setHeader("Access-Control-Allow-Origin",origin);
        //负责跨域 cookie 问题
        response.setHeader("Access-Control-Allow-Credentials","true");

        chain.doFilter(req, resp);

    }

    @Override
    public void init(FilterConfig config) throws ServletException {

    }

}
